It’s the twisted, forgotten nightmare. A security loophole from the early 90s, which nobody really remembers, has come back to haunt around 33% of all the websites and servers across the world.
The vulnerability, termed “FREAK” and tracked as CVE-2015-0204, takes its name from Factoring Attack on RSA-EXPORT Keys. It exposes many SSL clients, including OpenSSL, to weak encryption and theft of sensitive data within the communication channel. According to the French researchers who reported this vulnerability, Android and Safari browsers are at severe risk of man-in-the-middle hacks. Meanwhile, Microsoft has also confirmed that it affects all currently supported Windows versions too.
Where did the FREAK come from?
Sometime in the early 90s, the US government, citing security reasons, restricted domestic companies from exporting any machines that used strong encryption. They believed that other countries could have used encryption against them.
At the same time, there were no restrictions on easy-to-break or weak encryption products, which were exported in huge numbers. It is believed that the National Security Agency also wanted to decrypt foreign encryption at that time. Clearly, it was not an easy task to break the encryption as it required supercomputers and access to a few other resources that the US government had at their disposal.
Towards the end of the 90s, the US government lifted those export restrictions and almost everyone forgot about those weaker encryption ciphers. Somehow (cryptographers are still researching the whys and hows of it) those low-grade encryption modes are still found in many products that use unpatched OpenSSL, especially in Android and Apple devices.
How is the FREAK vulnerability exploited?
After discovering the vulnerability, the French cryptographic team devised a plan and was able to trick browsers into accepting weak encryption modes for hacking into several websites. It is assumed that more than 5 million websites with the SSL encryption padlock are vulnerable to such exploitation today, including supposedly ‘secured’ sites and cloud providers like those of the FBI, NSA, IBM, and Symantec.
FREAK or CVE-2015-0204 is basically a Factoring Attack on RSA-EXPORT Keys with comparatively weak encryption. While it’s true that back in the 90s only a few agencies had access to supercomputers and other resources, today the scenario has changed with cloud computing services like Amazon’s EC2 bringing advanced computing for hire within everyone’s reach. Here’s how an attacker can exploit FREAK using that.
- A man-in-the-middle attacker forces a connection to use a weaker RSA cipher suite with an altered message.
- The server responds with a 512-bit export RSA key, signed with its long-term key.
- The victim accepts an outdated key due to the vulnerability.
- The attacker factors the RSA modulus to recover the decryption key.
- When the victim encrypts a file, the attacker decrypts it and accesses the information in plain text.
Quite clearly, such exploitation shatters HTTPS security and opens the gates to private keys, login cookies, and passwords. Not only can the attacker access all the sensitive information, but FREAK also allows him to inject any command.
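The third step in the list above is the one a patched client refuses. The following is an added example, not code from the original article or from any vendor's patch, of that check: a client that negotiated a plain TLS_RSA_WITH_* suite should abort if the server still sends a ServerKeyExchange carrying a temporary RSA key. The function names, the sample flight builder and the placeholder modulus are hypothetical and constructed, and signature verification is left out.

```python
RSA_EXPORT = {0x0003, 0x0006, 0x0008}  # TLS_RSA_EXPORT_WITH_* suites (RFC 2246)
RSA_PLAIN = {0x0004, 0x0005, 0x000A, 0x002F, 0x0035}  # TLS_RSA_WITH_*: no key exchange msg
SERVER_HELLO, SERVER_KEY_EXCHANGE = 2, 12  # handshake message types


def handshake_messages(data):
    """Yield (type, body) for each handshake message in a reassembled flight."""
    pos = 0
    while pos < len(data):
        length = int.from_bytes(data[pos + 1:pos + 4], "big")
        body = data[pos + 4:pos + 4 + length]
        if len(data) - pos < 4 or len(body) != length:
            raise ValueError("truncated handshake message")
        yield data[pos], body
        pos += 4 + length


def check_flight(offered, flight):
    """Return findings for a server flight, given the suites the client offered."""
    findings, suite = [], None
    for msg_type, body in handshake_messages(flight):
        if msg_type == SERVER_HELLO:
            off = 35 + body[34]  # version(2) + random(32) + session_id length byte
            suite = int.from_bytes(body[off:off + 2], "big")
            if suite not in offered:
                findings.append("suite 0x%04X was never offered" % suite)
            if suite in RSA_EXPORT:
                findings.append("export RSA suite 0x%04X selected" % suite)
        elif msg_type == SERVER_KEY_EXCHANGE and suite in RSA_EXPORT | RSA_PLAIN:
            mod_len = int.from_bytes(body[:2], "big")
            bits = int.from_bytes(body[2:2 + mod_len], "big").bit_length()
            if suite in RSA_PLAIN:
                findings.append("unexpected %d-bit temporary RSA key: abort" % bits)
            elif bits <= 512:
                findings.append("%d-bit export RSA key is factorable" % bits)
    return findings


def msg(msg_type, body):  # frames one handshake message for the constructed samples
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def sample_flight(suite, modulus=b""):  # constructed sample flight, not a capture
    hello = b"\x03\x01" + bytes(32) + b"\x00" + suite.to_bytes(2, "big") + b"\x00"
    flight = msg(SERVER_HELLO, hello)
    if modulus:
        params = len(modulus).to_bytes(2, "big") + modulus + b"\x00\x03\x01\x00\x01"
        flight += msg(SERVER_KEY_EXCHANGE, params + b"\x00\x00")  # empty signature
    return flight
```

`check_flight` expects the handshake messages already reassembled from their TLS records; an empty result means the flight raised none of these findings.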
How can you ensure security?
While a lot of security analysts are arguing about the severity of FREAK, no one can argue that any vulnerability that threatens your sensitive information and poses command injection risks has to be taken seriously.
According to Apple’s spokesman Ryan James, they have developed a software update to remediate the vulnerability, which would be pushed out next week. And Google spokeswoman Liz Markman said the patch has been provided to partners, but she did not comment on its availability.
Meanwhile, individual users are advised to prefer Google Chrome and Firefox for their stronger encryption technology over other browsers.
As for the organizations, it is extremely important to keep the applications and servers protected from man-in-the-middle exploitations. A vulnerability scanner is recommended to point out weakly encrypted handshakes with the client that could lead to injection. We have already updated the Indusface AppTrana scanners and Indusface WAF to detect, report, and protect from the FREAK vulnerability.